A vulnerability classified as problematic was found in mantisbt Mantis Bug Tracker up to 2.28.1 . This issue affects some unknown processing of the file bug_report_page.php of the component Project Name Handler . Such manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2026-34463 . The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.